Find a Question:

The OneLogin Password Manager application displays a hack

Jun

3

2017

The company responsible for implementing password management and registration system provider OneLogin in an official statement this week enabled a hacker to break into their systems for the United States and steal sensitive user information, and the San Francisco-based company provides login and identity management services to more than 2000 companies In 44 countries around the year.

Although details of the intrusion and its impact are small, Alvaro Hoyes, who is responsible for OneLogin’s risk management, security and compliance efforts, said in a posting that hackers were able to access database tables containing information about users and applications of the company along with different types of keys .

“While we encrypt some sensitive data within the company, we can not rule out the possibility of the threat that the attacker could have access to data decoding,” he said.

The attack on the company began on May 31 at 2 am Pacific time, when pirates had access to a set of keys (Amazon Web Services) that they used to access the AWS software from a host Broker through another smaller service provider in the United States.

“The hacker, through the software functions of Amazon Web Services, has created many cases in our infrastructure to conduct the survey and the company’s team was able to detect unusual database behavior after seven hours, and the attack was completed in minutes,” said OneLogin, Around 9 am Pacific time. ”

The company is currently working with independent third-party security experts and law enforcement to investigate infiltration. The company has informed customers with instructions on what to do next. “We want our customers to know that the confidence they have placed in us is critical,” he said.

In August 2016, the company suffered a data breach that gained hackers unauthorized access to one of the company’s independent systems, which was used to store and analyze log logs.